Privacy Transformation - Issue 181

PRIVACY

Czech Presidency hones in on platform workers’ personal data protection

Czech Presidency hones in on platform workers’ personal data protection

A new, third compromise text from the Czech Presidency of the EU Council on the platform workers' directive further emphasises the importance of algorithmic management and workers' personal data protection.

New legislation will make it easier for Wexford authorities to catch those dumping illegally

New legislation will make it easier for Wexford authorities to catch those dumping illegally

Legislation which will allow local authorities to roll out and utilise CCTV to catch illegal dumping is now in place and is expected to be fully operational by early 2023.

SECURITY & TECH

TikTok says staff in China have access to European user data

TikTok says staff in China have access to European user data

Other countries in which some TikTok staff have access to European user data include Brazil, Israel, Japan, Malaysia and the Philippines.

Cyber-attacks on small firms: The US economy's 'Achilles heel'?

Cyber-attacks on small firms: The US economy's 'Achilles heel'?

Small businesses play a critical role in the economy but are more vulnerable to cyber-attacks.

US convenes over 30 countries to address ransomware as hacks of hospitals, critical infrastructure continue

US convenes over 30 countries to address ransomware as hacks of hospitals, critical infrastructure continue

The Biden administration will convene three-dozen allied governments on Monday and Tuesday for a fresh round of talks on how to stem the tide of ransomware attacks that have disrupted critical infrastructure firms around the world and cost businesses many millions of dollars.

Online age-verification system could create ‘honeypot’ of personal data and pornography-viewing habits, privacy groups warn

Online age-verification system could create ‘honeypot’ of personal data and pornography-viewing habits, privacy groups warn

As the UK government develops online safety guidelines, digital rights groups says any approach requiring the use of ID is ‘invasive and risky’.

UK police use of live facial recognition unlawful and unethical, report finds

UK police use of live facial recognition unlawful and unethical, report finds

Police should be banned from using live facial recognition technology in all public spaces because they are breaking ethical standards and human rights laws, a study has concluded.

UK NCSC: Weekly Threat Report

UK NCSC: Weekly Threat Report

The NCSC's threat report is drawn from recent open source reporting.

DATA BREACH

Thomson Reuters collected and leaked at least 3TB of sensitive data

Thomson Reuters collected and leaked at least 3TB of sensitive data

The multinational media conglomerate Thomson Reuters left a database with sensitive customer and corporate data exposed online

Medibank now says hackers accessed all its customers’ personal data

Medibank now says hackers accessed all its customers’ personal data

​Australian insurance firm Medibank has confirmed that hackers accessed all of its customers' personal data and a large amount of health claims data during a recent ransomware attack.

ENFORCEMENT

ICO and Cabinet Office reach agreement on New Year Honours data breach fine

ICO and Cabinet Office reach agreement on New Year Honours data breach fine

The UK Information Commissioner has agreed to reduce the £500,000 Monetary Penalty Notice (MPN) imposed on the Cabinet Office in 2021 in relation to the New Year Honours data breach to £50,000, which the Cabinet Office has agreed to pay, reflecting our new approach to working more effectively with public authorities.

More on the latest GDPR enforcement news can be found on:

enforcementtracker.com

RESOURCES

Podcast: Grumpy GDPR - No harm, no foul with Max Schrems

Podcast: Grumpy GDPR - No harm, no foul with Max Schrems

😤 Just how grumpy is Max Schrems, Miloš and Rie about the recent CJEU Advocate Opinion on conditions for the right to compensation under the GDPR?

ENISA Threat Landscape 2022

ENISA Threat Landscape 2022

This is the tenth edition of the ENISA Threat Landscape (ETL) report, an annual report on the status of the cybersecurity threat landscape. It identifies the top threats, major trends observed with respect to threats, threat actors and attack techniques, as well as impact and motivation analysis. It also describes relevant mitigation measures.

CONTRIBUTE

Have an interesting article, book, video, podcast or other resource that you would like to share with fellow privacy practitioners? Please do drop me a note.